I have a story which, in retrospect, I think I should have called the FBI about. A few months ago I arrived at my 80-year-old mother-in-law's house on a Thursday and learned that she had been offline for a week. Someone had called her (meaning they already had her number) with the "you have a virus" shtick, but added that they were going to send someone to fix it for a fee. They asked her to confirm her address, which THEY read off to her FIRST. She declined. "Okay," they said. "Then we're going to turn your internet off"--which they did.

When I got there that Thursday she told me that they had asked her to be at her PC with her phone ready the next morning. Somehow they had turned her internet back on. So, here's the first part of the mystery. I can sort of see how the 'net could be turned off externally; but I can't imagine a way to turn it back on without being there to physically change something. Anyway, I told her I would be back the next morning.

I returned, but the call never came. I asked her if I could look around on her PC while we waited, and she said okay. This was an XP 'puter with 1 Gb of RAM dating back to 2007. However, it still sufficed for e-mail and the genealogy programs she ran. My wife's previous boyfriend had built and maintained it until his death. After that my wife's brother took over, and I helped when I came on the scene. Given that XP was out of date, she had good antivirus protection, and everything else was as up to date as it could be.

Deep in a directory of temp files I found an executable for Team Viewer (a free remote desktop and file-sharing program) that was dated 2007. I started it up and it ran normally--but it didn't appear in the Start Menu or the Add And Remove Program list. I surmise that the bad guys had installed this and used it to screw with her PC. There was some other strangeness which I don't recall now, but I wasn't familiar with any of it as belonging to the typical "help me take control of your PC" social engineering schemes. But just having altered the Team Viewer file date concerned me.

Rather than try to further reinforce her system against intrusion, we went out and bought a Win 8.1 machine, made sure everything was up to date, and installed a new antivirus program. Everything is automated, so she doesn't have to think about it. She thinks that the bad guys have called back, but she quit answering numbers she didn't recognize, and her new PC has continued to work normally. I worry that these people still have her address and phone number, and who knows what else, from probing her PC. She didn't keep any significant personal data on it--no SSN or credit cards or anything--so she wasn't particularly concerned about identity theft. My concern is that these folks will try something more malevolent at a time of their choice.

Richard

"My primary musical instrument is the personal computer."